[
https://issues.apache.org/jira/browse/WAGON-590?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
IG updated WAGON-590:
---------------------
Attachment: 0001-conditonally-set-AuthScope-to-any.patch
> Maven 3.5.0+ don't seem to send credentials after 301/302 http redirect
> -----------------------------------------------------------------------
>
> Key: WAGON-590
> URL: https://issues.apache.org/jira/browse/WAGON-590
> Project: Maven Wagon
> Issue Type: Bug
> Affects Versions: 3.4.0
> Reporter: Cintia DR
> Priority: Major
> Attachments: 0001-conditonally-set-AuthScope-to-any.patch, Screen
> Shot 2020-04-28 at 7.45.33 pm.png, any-auth.log,
> expect-continue-done-right-any-auth.log, master_osx.log, master_ubuntu.log,
> maven_x.log, mvn-master-batch.log, mvn-wagon590branch-debug-osx.log,
> mvn-wagon590branch-osx.log, mvn339_osx.log, mvn339_ubuntu.log, scoped-auth.log
>
>
> Since maven 3.5.0 (including 3.6.3), maven seems to not send server
> credentials if distributionManagement server response was a 301 or 302 HTTP
> redirect. Note that the redirect is followed, but I receive unauthorised code.
> Maven 3.2.5 and 3.3.9 work as expected. I could reproduce it on ubuntu and
> OSX. Both are JDK 8, not sure if it could make any difference.
>
> All maven versions (including 3.2.5 and 3.3.9) are using the same version of
> the deploy plugin (2.7), and upgrading it made no difference whatsoever.
> ----
> If I use '[https://openmrs.jfrog.io/artifactory/snapshots/'] as my
> 'distributionManagement', credentials are sent.
> If I use
> '[https://mavenrepo.openmrs.org/proxy/snapshots/|https://mavenrepo.openmrs.org/snapshots/']'
> (a reverse proxy to
> '[https://openmrs.jfrog.io/artifactory/snapshots/|https://openmrs.jfrog.io/artifactory/snapshots/']')
> credentials are sent.
> If I use '[https://mavenrepo.openmrs.org/snapshots/'] (a 301 redirect to
> [https://openmrs.jfrog.io/artifactory/snapshots/|https://openmrs.jfrog.io/artifactory/snapshots/'])
> as my distributionManagement, credentials are _not_ sent and the request
> fails as it's unauthenticated.
>
> You can see the configuration of 'mavenrepo.openmrs.org' server here:
> [https://github.com/openmrs/openmrs-contrib-itsmresources/blob/master/ansible/host_vars/campo.openmrs.org/vars#L33]
>
> All my artefacts are public to download, so I don't have a way to testing
> downloading artefacts with server credentials.
>
> ----
> This is how the output looks like in maven 3.6.3:
> {code:java}
>
> [INFO] --- maven-deploy-plugin:2.7:deploy (default-deploy) @
> releasetestmodule ---
> Downloading from openmrs-repo-snapshots:
> https://mavenrepo.openmrs.org/nexus/content/repositories/snapshots/org/openmrs/module/releasetestmodule/2.1.22-SNAPSHOT/maven-metadata.xml
> Downloaded from openmrs-repo-snapshots:
> https://mavenrepo.openmrs.org/nexus/content/repositories/snapshots/org/openmrs/module/releasetestmodule/2.1.22-SNAPSHOT/maven-metadata.xml
> (616 B at 132 B/s)
> Uploading to openmrs-repo-snapshots:
> https://mavenrepo.openmrs.org/nexus/content/repositories/snapshots/org/openmrs/module/releasetestmodule/2.1.22-SNAPSHOT/releasetestmodule-2.1.22-20200427.091851-13.pom
> ...
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-deploy-plugin:2.7:deploy (default-deploy) on
> project releasetestmodule: Failed to deploy artifacts: Could not transfer
> artifact org.openmrs.module:releasetestmodule:pom:2.1.22-20200427.091851-13
> from/to openmrs-repo-snapshots
> (https://mavenrepo.openmrs.org/nexus/content/repositories/snapshots):
> Transfer failed for
> https://openmrs.jfrog.io/artifactory/snapshots/org/openmrs/module/releasetestmodule/2.1.22-SNAPSHOT/releasetestmodule-2.1.22-20200427.091851-13.pom
> 401 Unauthorized -> [Help 1]{code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
